Privacy Policy

Last updated: November 28, 2025

1. Introduction

SyncMySalon ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered booking assistant service ("Service"). Please read this Privacy Policy carefully.

By using the Service, you consent to the data practices described in this policy. If you do not agree with the practices described, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly to us, including:

  • Account Information: Name, email address, phone number, business name, timezone, country
  • Business Information: Salon details, services offered, pricing, stylist information, working hours
  • Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
  • Communication Data: Messages sent through the Service, support requests, feedback
  • Configuration Data: AI assistant settings, tone preferences, branding customizations

2.2 Client Data

As a salon owner using our Service, you may collect and store client information through the booking system, including:

  • Client names and contact information (phone, email)
  • Booking history and appointment details
  • Conversation logs from chat interactions
  • Service preferences and notes

Important: You are the data controller for client data. You are responsible for ensuring you have the legal basis to collect and process this data, and for complying with applicable data protection laws, including GDPR. We act as a data processor for client data.

2.3 Automatically Collected Information

When you use the Service, we automatically collect certain information, including:

  • Usage Data: Pages visited, features used, time spent, click patterns
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Server logs, error reports, performance metrics
  • Cookies and Tracking Technologies: See our Cookie Policy for details

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision

  • Provide, maintain, and improve the Service
  • Process bookings and manage appointments
  • Enable AI-powered chat interactions
  • Send booking confirmations and reminders
  • Sync with integrated calendars (e.g., Google Calendar)

3.2 Communication

  • Send service-related notifications and updates
  • Respond to support requests and inquiries
  • Send billing and subscription information
  • Provide customer service

3.3 Analytics and Improvement

  • Analyze usage patterns to improve the Service
  • Develop new features and functionality
  • Monitor performance and troubleshoot issues
  • Generate aggregated, anonymized analytics

3.4 Legal Compliance

  • Comply with legal obligations
  • Respond to legal requests and prevent fraud
  • Enforce our Terms of Service
  • Protect our rights and the rights of users

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data based on the following legal bases:

  • Contract Performance: To fulfill our contract with you and provide the Service
  • Legitimate Interests: To improve the Service, prevent fraud, and ensure security
  • Consent: Where you have provided explicit consent (e.g., marketing communications)
  • Legal Obligation: To comply with applicable laws and regulations

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

  • Payment processors (Stripe, PayPal)
  • Cloud hosting providers (AWS, Supabase)
  • AI service providers (OpenAI for GPT functionality)
  • Email service providers
  • Analytics providers (Google Analytics, if used)

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership.

5.3 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

5.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

6. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Account Data: Retained while your account is active and for 30 days after account deletion
  • Client Data: Retained according to your instructions and legal requirements
  • Transaction Data: Retained for 7 years for tax and accounting purposes
  • Log Data: Retained for up to 12 months for security and troubleshooting

Upon account deletion, we will delete or anonymize your personal information within 30 days, except where retention is required by law.

7. Your Rights (GDPR and CCPA)

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

You have the right to access your personal information and receive a copy in a portable format.

7.2 Rectification

You have the right to correct inaccurate or incomplete personal information.

7.3 Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal information, subject to legal retention requirements.

7.4 Restriction of Processing

You have the right to request that we limit how we use your personal information.

7.5 Object to Processing

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

7.6 Withdraw Consent

Where processing is based on consent, you have the right to withdraw consent at any time.

7.7 Data Portability

You have the right to receive your data in a structured, commonly used format.

7.8 Exercising Your Rights

To exercise these rights, please contact us at marleyalmere@gmail.com. We will respond to your request within 30 days. You may also have the right to lodge a complaint with your local data protection authority.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Regular security assessments and updates
  • Access controls and authentication mechanisms
  • Secure data centers and infrastructure
  • Employee training on data protection

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.

When we transfer data from the EEA to other countries, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally recognized transfer mechanisms

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page
  • Sending an email notification to registered users
  • Displaying a notice in the Service

The "Last updated" date at the top of this page indicates when changes were last made. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: marleyalmere@gmail.com
Data Protection Officer: marleyalmere@gmail.com

For users in the EEA, you may also contact your local data protection authority with concerns.